Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Make onsite appointment

Header of Global Information Distribution GmbH

Forums it-sa Expo Knowledge Forum B

Hackers versus heroes - a dance on the cyber security data tightrope

The battle for your cyber security has already begun. Remain unassailable! We'll show you how to do it.

Buy trade fair ticket

You can register for this action soon.

You can register for the digital action soon.

Please come back at the scheduled date and time.

The action is currently live. Please scroll down to watch.

This action is only available onsite: Forums it-sa Expo

Add action to bookmarks and download as iCal

Join now

Note: If you continue, the contact data you provided during registration may be transmitted to the respective provider in accordance with our General Terms and Conditions.

Please log in or register in advance so that you can take part in actions or watch the action videos!

This action has already taken place. This action will soon be available as a video.

This action has already taken place. Please scroll down to watch the video.

This action has already taken place. Please login or register to watch the video.

This action has already taken place. It's not available any more.

You are in!

Your ticket / access to the action was sent to you by email.

There is a problem with the action at the moment. Please come back later or contact support.

calendar_today Wed, 23.10.2024, 11:15 - 11:30

event_available On site

place Hall 6, Booth 6-235

Action description

south_east

Speaker

south_east

Themes

Data security / DLP / Know-how protection Legislation, standards, regulations Governance, Riskmanagement and Compliance Data Center Trend topic

Key Facts

Use of the BOOST protocol (not vulnerable)
Data is written away in “WORM mode” (retention lock)
Option of a cyber vault for additional security

Organizer

Event

This action is part of the event Forums it-sa Expo

Action description

What happens when people trust when they shouldn't?
They become blind to dangers and make themselves vulnerable.

The number of ransomware attacks is increasing dramatically. The question is not whether a company will be attacked and encrypted, but rather when this will happen. The many cases that are heard or read in the media every day are increasing sensitivity. The pattern is different. Often, companies are first encrypted in the backup and then the attacker systematically moves on to the primary systems. Depending on when the attack is noticed, what can still be saved can be saved: pull the plug, emergency manual, determine damage, procure equipment, rebuild the system, etc. In many cases, a report must be made to the BSI (Federal Office for Information Security), which then means that the affected systems must first be examined in order to identify the perpetrator and must not be used until the attack is completed.

Due to the increasing threat of ransomware attacks, Dell Technologies has developed protection software that is currently unique in its concept and capabilities. Cyber Recovery is included with the newer PowerProtect Data Domain systems and forms a kind of last line of defense against all types of malware attacks. If customers use a Data Domain as the target storage for the backup in the first expansion stage, they can use these two advantages that make it more difficult for attackers to encrypt the systems. One is the so-called BOOST protocol, which has not been attacked so far, the second is the "Retention Lock" function, in which the data is written away in a "WORM mode" (write once read many) and thus cannot be encrypted. Retention Lock can be used as a governance or compliance mode. This data cannot be changed, overwritten or deleted for the period specified in the retention lock. The compliance mode is used for the company's strict regulatory standards and secures the Data Domain system against internal and external attacks via a security officer. Once the security officer has been created, all other users only have operational rights and cannot exclude users, delete, change or encrypt data.

Based on the observation that modern ransomware is increasingly targeting backup systems in companies and trying to deactivate or control them, Dell Technologies came up with the concept of a vault, i.e. a safe that is absolutely inaccessible to attackers. This Cyber Recovery Vault (CR Vault) stores a kind of gold copy of the company data so that the previous data status can be restored at any time. What's more, the Cyber Recovery Vault can also accommodate the backup server itself and thus ensure that the recovery routines function properly. With the Dell NetWorker and PowerProtect Data Manager (PPDM) backup solutions, this process can even be automated; with other backup products, the administrator has to set up the server manually. It is then possible to restore not only the data records blocked by the malware, but also the fully configured server, thus restoring a clean and functioning production environment in the shortest possible time.

Protect yourself from attacks from your number one enemy – we will help you and show you how to become more and more secure in individual steps! ... read more

Language: German

Questions and Answers: No